官术网_书友最值得收藏!

Enabling the Secure Shell (SSH)

This recipe describes how to enable the Secure Shell (SSH) service in pfSense.

Getting ready

SSH is a networking protocol that allows encrypted communication between two devices. Enabling SSH allows secure access to the pfSense console remotely, just as if you were sitting in front of the physical console.

How to do it...

  1. Browse to System | Advanced | Secure Shell.
  2. Check Enable Secure Shell.
  3. You will be prompted for credentials when you connect (use the same username and password as the webGUI), but checking Disable password login for Secure Shell will allow you to use RSA keys instead. See the next recipe for details.
  4. Leave the SSH port blank to use the default port:
  5. Save the changes and the SSH service will be started.

How it works...

Enabling the Secure Shell turns on pfSense's built-in SSH server to listen to requests on the port you've specified (port 22 by default).

Note

Like all pfSense services (unless otherwise noted), the SSH service will listen on every available interface. Like other services, firewall's rules are used to grant or deny access to these services. See Chapter 3, General Configuration for more information on configuring firewall rules.

There's more...

Changing the SSH authentication method to use RSA keys is a great way to secure access to your system. See the following recipe for details.

Additionally, you can change the port that SSH listens on. Doing so may increase security slightly by reducing the number of unauthorized login attempts, but you will need to remember what you have changed it to, or you will be unable to connect.

See also

  • The Generating authorized RSA keys recipe
  • The Creating a firewall rule recipe in Chapter 3, General Configuration
主站蜘蛛池模板: 渭南市| 武安市| 哈尔滨市| 乌兰察布市| 鱼台县| 卫辉市| 阳信县| 米泉市| 吴堡县| 资中县| 昌都县| 阳春市| 介休市| 汝州市| 盖州市| 德清县| 易门县| 静安区| 获嘉县| 华阴市| 萨迦县| 渭源县| 青河县| 桃园县| 临高县| 定陶县| 崇义县| 龙游县| 同江市| 中宁县| 泾阳县| 平顶山市| 兴业县| 永泰县| 金川县| 三门峡市| 新巴尔虎左旗| 印江| 航空| 墨竹工卡县| 黑山县|